Troj/VB-EUL

Category: Viruses and Spyware Protection available since:05 Aug 2010 02:18:06 (GMT)
Type: Trojan Last Updated:05 Aug 2010 02:18:06 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/VB-EUL include:

Example 1

File Information

Size
64K
SHA-1
61a23ca397884b5329b8af33418a59607ff533de
MD5
9113a12ecae1ce1fa216156abdba114a
CRC-32
34fdae4a
File type
application/x-ms-dos-executable
First seen
2010-08-03

Runtime Analysis

Dropped Files
  • C:\Program Files\MSN\server.exe
    Size
    65K
    SHA-1
    788fec1351a9d90c7833bcc601a3040fc194bb39
    MD5
    a7ba1e707dc574569d691c69cabdffe5
    CRC-32
    714480fb
    File type
    application/x-ms-dos-executable
    First seen
    2010-08-03
  • c:\Documents and Settings\test user\Local Settings\Temp\sample0.exe
    Size
    65K
    SHA-1
    788fec1351a9d90c7833bcc601a3040fc194bb39
    MD5
    a7ba1e707dc574569d691c69cabdffe5
    CRC-32
    714480fb
    File type
    application/x-ms-dos-executable
    First seen
    2010-08-03
Registry Keys Created
  • HKLM\SOFTWARE\Bifrost
    nck
    ed 1b e6 27 b9 28 d6 32 74 c3 cd 74 fa 93 5b 67
Processes Created
  • c:\docume~1\support\locals~1\temp\sample0.exe
DNS Requests
  • salim121.no-ip.biz

Example 2

File Information

Size
64K
SHA-1
6de11f16a97ff720daaca915974e486acc1bc071
MD5
9f55e1499fe1335af1dac99128643f0d
CRC-32
2700c128
File type
application/x-ms-dos-executable
First seen
2010-08-03

Runtime Analysis

Dropped Files
  • C:\Program Files\MSN\server.exe
    Size
    65K
    SHA-1
    c173eef38bb2cc9cd21697eac7cc5cd480f7b937
    MD5
    9793eb6fc51f0d005bf017650e7c0fef
    CRC-32
    5cf0fc8f
    File type
    application/x-ms-dos-executable
    First seen
    2010-08-03
  • c:\Documents and Settings\test user\Local Settings\Temp\sample0.exe
    Size
    65K
    SHA-1
    c173eef38bb2cc9cd21697eac7cc5cd480f7b937
    MD5
    9793eb6fc51f0d005bf017650e7c0fef
    CRC-32
    5cf0fc8f
    File type
    application/x-ms-dos-executable
    First seen
    2010-08-03
Registry Keys Created
  • HKLM\SOFTWARE\Bifrost
    nck
    ed 1b e6 27 b9 28 d6 32 74 c3 cd 74 fa 93 5b 67
Processes Created
  • c:\docume~1\support\locals~1\temp\sample0.exe
DNS Requests
  • salim121.no-ip.biz

Example 3

File Information

Size
65K
SHA-1
788fec1351a9d90c7833bcc601a3040fc194bb39
MD5
a7ba1e707dc574569d691c69cabdffe5
CRC-32
714480fb
File type
application/x-ms-dos-executable
First seen
2010-08-03

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\sample0.exe
    Size
    65K
    SHA-1
    f21bb01c61428b9814443ac58a72f7f9d6c8911f
    MD5
    14341f533e283f3aac0af8c1f91d7394
    CRC-32
    b8e8e387
    File type
    application/x-ms-dos-executable
    First seen
    2010-08-03
  • C:\Program Files\MSN\server.exe
    Size
    65K
    SHA-1
    f21bb01c61428b9814443ac58a72f7f9d6c8911f
    MD5
    14341f533e283f3aac0af8c1f91d7394
    CRC-32
    b8e8e387
    File type
    application/x-ms-dos-executable
    First seen
    2010-08-03
Registry Keys Created
  • HKLM\SOFTWARE\Bifrost
    nck
    ed 1b e6 27 b9 28 d6 32 74 c3 cd 74 fa 93 5b 67
Processes Created
  • c:\docume~1\support\locals~1\temp\sample0.exe
DNS Requests
  • salim121.no-ip.biz

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy